Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/aJJ-YdVMN1blRA6zgwpwFOSytEA.roa
File: aJJ-YdVMN1blRA6zgwpwFOSytEA.roa (raw, json)
Hash identifier: 18Fas5Pt/vlUe10SXqZ/nCZNIMF4HTl3m3WAOZlwA4Y=
Subject key identifier: 68:92:7E:61:D5:4C:37:56:E5:44:0E:B3:83:0A:70:14:E4:B2:B4:40
Certificate issuer: /CN=91d8c32a703972aaea093a01f8dedf57f9675575
Certificate serial: 01942827DF94001DFDCC943CAF527C286387
Authority key identifier: 91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/aJJ-YdVMN1blRA6zgwpwFOSytEA.roa
Signing time: Thu 02 Jan 2025 17:54:49 +0000
ROA not before: Thu 02 Jan 2025 17:54:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24730
IP address blocks: 81.23.224.0/20 maxlen: 20
81.173.4.0/24 maxlen: 24
81.173.124.0/24 maxlen: 24
185.236.176.0/22 maxlen: 22
2001:15b8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:df:94:00:1d:fd:cc:94:3c:af:52:7c:28:63:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d8c32a703972aaea093a01f8dedf57f9675575
Validity
Not Before: Jan 2 17:54:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68927e61d54c3756e5440eb3830a7014e4b2b440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:2b:64:27:51:9b:68:1e:93:1a:28:8d:fb:
a3:0c:ea:f7:be:86:07:a3:ed:20:b8:89:d6:73:c1:
90:99:bc:a2:dc:33:ff:ed:67:3c:2f:8a:d8:e2:75:
92:b5:1e:3a:ce:19:32:b1:df:98:aa:f8:b0:37:16:
b9:db:e4:bc:7c:c1:ab:45:41:32:77:de:4d:33:05:
9c:d9:97:d7:c9:8d:ac:bc:9a:62:e4:1d:b4:1d:6d:
1f:15:c8:d7:66:2d:84:83:dd:b5:8b:31:28:21:4d:
94:d2:44:78:81:88:d7:8d:92:4e:b4:59:49:fe:66:
6d:3f:07:e1:1d:58:43:1e:8d:ed:8e:51:02:11:46:
e9:17:83:47:68:c7:eb:e8:f0:a7:7a:57:21:49:45:
30:d7:ac:42:2b:25:6e:1a:c9:7f:58:55:99:8a:23:
92:2c:0c:19:02:27:93:6c:52:d8:04:22:5e:2f:ca:
a0:86:d6:97:6b:3f:68:5b:42:22:23:4f:01:d3:ec:
09:c3:50:8e:7e:12:78:13:2b:76:e3:2d:a9:8f:85:
08:3c:f6:19:6d:fd:51:2e:81:ee:b2:88:f7:80:f2:
bb:1d:3a:93:29:9a:ef:69:30:8e:d3:43:45:92:36:
96:c6:21:e4:23:f6:8b:5d:bc:88:3f:9c:96:65:4e:
e8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:92:7E:61:D5:4C:37:56:E5:44:0E:B3:83:0A:70:14:E4:B2:B4:40
X509v3 Authority Key Identifier:
keyid:91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/aJJ-YdVMN1blRA6zgwpwFOSytEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.224.0/20
81.173.4.0/24
81.173.124.0/24
185.236.176.0/22
IPv6:
2001:15b8::/32
Signature Algorithm: sha256WithRSAEncryption
8e:c5:bc:b1:86:6c:6f:81:9c:73:74:8f:21:58:f6:a2:1d:95:
00:0e:39:27:ba:13:90:c2:7a:6d:20:3d:d1:f7:68:e3:1c:8d:
45:63:97:02:f5:de:99:a5:bf:a3:51:16:51:1f:a7:d9:ea:ee:
1f:11:01:d5:2b:e6:f4:4a:84:e2:e4:05:53:d2:75:9a:ca:af:
b1:4a:73:a1:19:4a:a0:e4:23:4b:ed:d6:3f:af:60:2e:b6:56:
ff:82:dc:af:cb:e6:55:3a:94:93:ba:7d:7b:be:6a:aa:78:bb:
e9:35:c5:31:e5:02:47:dd:14:27:cb:3f:9b:7e:4e:19:58:e3:
cd:45:2e:0c:4b:3f:3b:4d:ec:ac:b2:49:25:82:4f:5f:78:a5:
93:58:f4:f9:4c:3f:f1:45:ad:35:b5:72:11:6f:0d:e6:8e:3e:
89:0a:f2:74:78:74:0e:43:76:d3:68:42:77:f9:d8:4d:3b:d0:
d0:0e:26:77:e2:4e:86:8d:89:dc:ef:1e:00:c2:a9:f0:cb:e1:
8c:85:36:ef:65:f3:bf:ab:31:2a:07:f1:ee:4e:f9:83:da:dc:
e2:e2:5c:51:4d:1e:f0:c9:02:da:d1:8f:62:2f:6c:05:b4:b9:
85:de:d9:de:dc:84:06:62:c7:89:33:69:ee:9c:24:27:73:70:
9e:a9:1c:51
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoJ9+UAB39zJQ8r1J8KGOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDhjMzJhNzAzOTcyYWFlYTA5M2EwMWY4ZGVkZjU3Zjk2
NzU1NzUwHhcNMjUwMTAyMTc1NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODkyN2U2MWQ1NGMzNzU2ZTU0NDBlYjM4MzBhNzAxNGU0YjJiNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQUrZCdRm2gekxoojfujDOr3voYH
o+0guInWc8GQmbyi3DP/7Wc8L4rY4nWStR46zhkysd+YqviwNxa52+S8fMGrRUEy
d95NMwWc2ZfXyY2svJpi5B20HW0fFcjXZi2Eg921izEoIU2U0kR4gYjXjZJOtFlJ
/mZtPwfhHVhDHo3tjlECEUbpF4NHaMfr6PCnelchSUUw16xCKyVuGsl/WFWZiiOS
LAwZAieTbFLYBCJeL8qghtaXaz9oW0IiI08B0+wJw1COfhJ4Eyt24y2pj4UIPPYZ
bf1RLoHusoj3gPK7HTqTKZrvaTCO00NFkjaWxiHkI/aLXbyIP5yWZU7oIwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGiSfmHVTDdW5UQOs4MKcBTksrRAMB8GA1UdIwQY
MBaAFJHYwypwOXKq6gk6Afje31f5Z1V1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEt
M2MxMjc4MWUyMDJkLzEvYUpKLVlkVk1OMWJsUkE2emd3cHdGT1N5dEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEtM2MxMjc4MWUyMDJk
LzEva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEURfgAwQA
Ua0EAwQAUa18AwQCueywMA0EAgACMAcDBQAgARW4MA0GCSqGSIb3DQEBCwUAA4IB
AQCOxbyxhmxvgZxzdI8hWPaiHZUADjknuhOQwnptID3R92jjHI1FY5cC9d6Zpb+j
URZRH6fZ6u4fEQHVK+b0SoTi5AVT0nWayq+xSnOhGUqg5CNL7dY/r2Autlb/gtyv
y+ZVOpSTun17vmqqeLvpNcUx5QJH3RQnyz+bfk4ZWOPNRS4MSz87Teysskklgk9f
eKWTWPT5TD/xRa01tXIRbw3mjj6JCvJ0eHQOQ3bTaEJ3+dhNO9DQDiZ34k6GjYnc
7x4Awqnwy+GMhTbvZfO/qzEqB/HuTvmD2tzi4lxRTR7wyQLa0Y9iL2wFtLmF3tne
3IQGYseJM2nunCQnc3CeqRxR
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:50:13 2025 by rpki-client